Security Architect
Docker
This job is no longer accepting applications
See open jobs at Docker.See open jobs similar to "Security Architect" Vertex Ventures US.Docker is a remote first company with employees across Europe, APAC and the Americas that simplifies the lives of developers who are making world-changing apps. We raised our Series C funding in March 2022 for $105M at a $2.1B valuation. We continued to see exponential revenue growth last year. Join us for a whale of a ride!
The Security Architect will report to the Director, Security, Risk & Trust and help Docker enable the growth of Docker’s products with a security-first mindset.
The Security Engineering team enables the secure design and engineering of Docker’s products and secures Docker’s systems and tools with the goal of exceeding security standards, compliance, and audit requirements with velocity and automation in mind. We are an enabling team of Security Engineers, not analysts. As a member of this team, you will work closely with all Docker’s engineering teams in helping determine the overall security strategy for Docker products.
Responsibilities:
Develop and and integrate cybersecurity designs for systems and networks with security requirements
Conduct proofs of concept and implement security solutions
Develop cybersecurity architecture guidelines and ensure systems that are acquired or developed are consistent with those designs
Perform security reviews, identify gaps in security architecture and develop a security risk management plan
Perform threat modeling with teams to ensure architecture is developed securely
Represent security in enterprise-level policy creation and governance around cloud security (AWS, GCP, Azure, etc.)
Coordinate penetration testing and mitigation/remediation discussions for customer-facing SaaS software products
Collaborate with engineering teams to access and explain risks, threat, exploits to make risk-informed security decisions
Run Docker’s security champion program
Mentor security engineers and champions on cloud security best practices and to advocate for security requirements in their respective engineering teams
Requirements:
7+ years of experience in designing and implementing secure cloud architecture
10+ years of experience in software development
Strong knowledge of cloud service models and cloud security best practices
Experience with AWS and GCP
Experience with data protection, cryptography, and key management
Expertise in implementing and overseeing Secure Software Development Lifecycle (SSDLC) practices across an organization
Software experience with Go, Reactj, and Python
Experience with API security
Experience with Auth/Authz
Familiarity with security and compliance frameworks such as NITS, CIS, ISO 27001, SOC 2, GDPR, etc.
Preferred:
Cloud security certifications such as AWS Certified Security Specialist, Azure Security Engineer, Certified Cloud Security Professional (CSSP), Certified Kubernetes Security Specialist (CKS)
Azure experience is a plus
Clojure experience is a plus
What to expect in the first 30 days
Develop understanding of Docker’s architecture and infrastructure
Perform analysis and threat-modeling of Docker’s current security architecture in AWS
Perform architecture threat-modeling for new products in development and advise engineering teams on best practices
Develop an understanding of Docker’s security environment and risk register
Understand Docker’s current roadmap and existing development activities
What to expect in the first 90 days
Perform analysis and threat-modeling of Docker’s current security architecture in GCP and Azure
Review critical and high risk APIs
Perform architecture threat-modeling for new products in development and advise engineering teams on best practices
Participate in security champions program
What to expect in the first year
Further Docker’s initiative of security first throughout engineering
Update and maintain cloud architecture security baselines for the organization
Develop and lead cloud architecture training for security champions program
Participate in developing the overall security strategy for the organization
Perks:
Freedom & flexibility; fit your work around your life
Home office setup; we want you comfortable while you work
16 weeks of paid Parental leave
Technology stipend equivalent to $100 net/month
PTO plan that encourages you to take time to do the things you enjoy
Quarterly, company-wide hackathons
Training stipend for conferences, courses and classes
Equity; we are a growing start-up and want all employees to have a share in the success of the company
Docker Swag
-
Medical benefits, retirement and holidays vary by country
Docker embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our company will be.
Due to the remote nature of this role, we are unable to provide visa sponsorship.
#LI-REMOTE
This job is no longer accepting applications
See open jobs at Docker.See open jobs similar to "Security Architect" Vertex Ventures US.